Vulnerabilities > Cobham
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-10 | CVE-2019-9534 | Download of Code Without Integrity Check vulnerability in Cobham Explorer 710 Firmware 1.07 The Cobham EXPLORER 710, firmware version 1.07, does not validate its firmware image. | 7.8 |
| 2019-10-10 | CVE-2019-9533 | Use of Hard-coded Credentials vulnerability in Cobham Explorer 710 Firmware 1.07 The root password of the Cobham EXPLORER 710 is the same for all versions of firmware up to and including v1.08. | 9.8 |
| 2019-10-10 | CVE-2019-9532 | Cleartext Transmission of Sensitive Information vulnerability in Cobham Explorer 710 Firmware 1.07 The web application portal of the Cobham EXPLORER 710, firmware version 1.07, sends the login password in cleartext. | 7.8 |
| 2019-10-10 | CVE-2019-9531 | Improper Authentication vulnerability in Cobham Explorer 710 Firmware 1.07 The web application portal of the Cobham EXPLORER 710, firmware version 1.07, allows unauthenticated access to port 5454. | 9.8 |
| 2019-10-10 | CVE-2019-9530 | Unspecified vulnerability in Cobham Explorer 710 Firmware 1.07 The web root directory of the Cobham EXPLORER 710, firmware version 1.07, has no access restrictions on downloading and reading all files. | 5.5 |
| 2019-10-10 | CVE-2019-9529 | Missing Authentication for Critical Function vulnerability in Cobham Explorer 710 Firmware 1.07 The web application portal of the Cobham EXPLORER 710, firmware version 1.07, has no authentication by default. | 5.5 |
| 2019-09-15 | CVE-2019-16320 | Information Exposure vulnerability in Cobham products Cobham Sea Tel v170 224521 through v194 225444 devices allow attackers to obtain potentially sensitive information, such as a vessel's latitude and longitude, via the public SNMP community. | 5.3 |
| 2019-03-15 | CVE-2018-19394 | Cross-site Scripting vulnerability in Cobham products Cobham Satcom Sailor 800 and 900 devices contained persistent XSS, which required administrative access to exploit. | 4.8 |
| 2019-03-15 | CVE-2018-19393 | Incorrect Permission Assignment for Critical Resource vulnerability in Cobham products Cobham Satcom Sailor 800 and 900 devices contained a vulnerability that allowed for arbitrary writing of content to the system's configuration file. | 7.5 |
| 2019-03-15 | CVE-2018-19392 | Improper Authentication vulnerability in Cobham products Cobham Satcom Sailor 250 and 500 devices before 1.25 contained an unauthenticated password reset vulnerability. | 9.8 |